47153 matches found
HP Operations Orchestration code execution
No description provided...
HP Network Node Manager i information leakage
No description provided...
HP SiteScope multiple security vulnerabilities
Information leakage, code execution...
ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-037: RSA® Authentication Agent 7.1 for Microsoft Windows® and RSA® Authentication Client 3.5 Access Control Vulnerability EMC Identifier: ESA-2012-037 CVE Identifier: CVE-2012-2287 Severity Rating: CVSS v2 Base Score: 6.5...
HP IBRIX X9000 information leakage
No description provided...
XnView buffer overflow
Buffer overflow on JLS file parsing...
XnView JLS File Decompression Heap Overflow
XnView JLS File Decompression Heap Overflow Summary XnView Formats PlugIn is prone to an overflow condition. The JLS Plugin xjpegls.dll library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a...
[USN-1595-1] libxslt vulnerabilities
========================================================================== Ubuntu Security Notice USN-1595-1 October 04, 2012 libxslt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
libxslt multiple security vulnerabilities
Information leakages, DoS conditions, memory corruptions...
[security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03510876 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03510876 Version: 1 HPSBST02818...
Toshiba ConfigFree CF7 File Remote Command Execution
/----------------------------------------------------------------------------- | Toshiba ConfigFree CF7 File Remote Command Execution | -----------------------------------------------------------------------------/ Summary ======= There is a command execution vulnerability in the Toshiba ConfigFr...
dbus privilege escalation
Privilege escalation via environment variables...
DartWebserver buffer overflow
Buffer overflow on HTTP request parsing...
CA License privilege escalation
Code execution with system rights, files modification...
Novell Groupwise directory traversal
HTTP interface directory traversal...
CA20121001-01: Security Notice for CA License
CA20121001-01: Security Notice for CA License Issued: October 01, 2012 CA Technologies Support is alerting customers to two potential risks in CA License also known as CA Licensing. Vulnerabilities exist that can allow a local attacker to execute arbitrary commands or gain elevated access. CA...
[USN-1582-1] RubyGems vulnerabilities
========================================================================== Ubuntu Security Notice USN-1582-1 September 26, 2012 rubygems vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
guacamole buffer overflow
Buffer overflow on request parsing...
Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field)
/----------------------------------------------------------------------------------- | Toshiba ConfigFree CF7 File Stack Buffer Overflow Comment Field | -----------------------------------------------------------------------------------/ Summary ======= There is a stack buffer overflow...
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)
/-------------------------------------------------------------------------------- | Toshiba ConfigFree CF7 File Stack Buffer Overflow ProfileName | --------------------------------------------------------------------------------/ Summary ======= There is a stack buffer overflow vulnerability in t...
CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9
Overview =============== DartWebserver.Dll is an HTTP server provided by Dart Communications dart.com. It is distributed in their PowerTCP/Webserver For ActiveX product and likely other similar products. "Build web applications in any familiar software development environment. Use WebServer for...
[USN-1576-1] DBus vulnerability
========================================================================== Ubuntu Security Notice USN-1576-1 September 20, 2012 dbus vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Toshiba ConfigFree multiple security vulnerabilities
Multiple vulnerabilities in CF7 file parsing...
DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419)
Title ----- DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval CVE-2012-0419 Severity -------- High Date Discovered --------------- April 2, 2012 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...
RubyGems https vulnerabilities
Insufficient certificate validation, redirection to insecure protocols...
CVE-2012-4415: guacamole local root vulnerability
Overview ======== "Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No plugins are needed: the client...
QEMU memory corruption
Memory corruption on terminal emulation...
[USN-1590-1] QEMU vulnerability
========================================================================== Ubuntu Security Notice USN-1590-1 October 02, 2012 qemu-kvm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Apple TV multiple security vulnerabilities
Multiple vulnerabilities in the parsing of different formats and protocols...
APPLE-SA-2012-09-24-1 Apple TV 5.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-24-1 Apple TV 5.1 Apple TV 5.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination ...
STARTTLS vulnerability in different mail applications
Attacker can inject cleartext commands before the TLS phase...
[ MDVSA-2012:156 ] inn
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:156 http://www.mandriva.com/security/ Package : inn Date : October 2, 2012 Affected: 2011. Problem Description: A security issue was identified and fixed in ISC INN: The STARTTLS implementation in INN's NNTP...
Microcart 1.0 Checkout Cross-Site Scripting Security Vulnerability
/------------------------------------------------------------------- | Microcart 1.0 Checkout Cross-Site Scripting Security Vulnerability | -------------------------------------------------------------------/ Summary ======= Microcart 1.0 is subject to several cross-site scripting vulnerabilities...
XSS in OSSEC wui 0.3
Hello All, Just to report xss in ossec-wui 0.3 Request: ---- POST /ossec-wui/index.php?f=s HTTP/1.1 Host: 172.16.0.12 Content-Length: 267...
Cisco Unified Communications Manager DoS
Crash on SIP parsing...
[CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
Product: Confluence Vendor: Atlassian Version: 3.0 / Current Tested Version: 3.4.6 Vendor Notified Date: June 31, 2011 Release Date: September 19, 2012 Risk: Medium Authentication: Depends on configuration. Remote: Yes Description: Multiple Cross-Site Request Forgery CSRF vulnerabilities in...
Cisco IOS multiple security vulnerabilities
Multiple DoS conditions in different protocol implementations...
NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution
High Risk Vulnerability in Apple Mac OS X Lion 27 September 2012 Andy Davis of NCC Group has discovered a High risk vulnerability in Apple OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4. Impact: Arbitrary Code Execution bug triggered by USB device insertion Versions affected: Mac O...
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
Advisory: Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities Advisory ID: SSCHADV2012-014 Author: Stefan Schurtz Affected Software: Successfully tested on Joomla 2.5.6 Vendor URL: http://www.joomla.org/ Vendor Status: fixed ========================== Vulnerability Description...
[ MDVSA-2012:154 ] apache
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:154 http://www.mandriva.com/security/ Package : apache Date : September 28, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been found and corrected in apache ASF HTTPD...
xinetd restrictions bypass
tcpmux invalid service type check...
CVE-2012-0862
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:155 http://www.mandriva.com/security/ Package : xinetd Date : September 28, 2012 Affected: Enterprise Server 5.0 Problem Description: A security issue was identified and fixed in xinetd: builtins.c in Xinetd...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Smartfren Connex weak permissions
Weak permissions for executable files lead to privilege escalation...
Multiple vulnerabilities in IFOBS
Hello 3APA3A! I want to warn you about Brute Force and Cross-Site Scripting vulnerabilities in the IFOBS system. IFOBS is an Internet banking system that is widespread and, in particular, is used by a large number of Ukrainian banks. These are the first 38 vulnerabilities in IFOBS: 2 BF and 36 XSS...
Apple Mac OS X multiple security vulnerabilities
Multiple vulnerabilities in different subsystems...
Microcart 1.0 _Admin Cross-Site Scripting Security Vulnerability
/----------------------------------------------------------------- | Microcart 1.0 Admin Cross-Site Scripting Security Vulnerability | -----------------------------------------------------------------/ Summary ======= Microcart 1.0 is subject to a cross-site scripting vulnerability. A generic...
Apache security vulnerabilities
mod_negotiation cross-site scripting, local shared library privilege escalation...
Wordpress Download Monitor - Download Page Cross-Site Scripting
/----------------------------------------------------------------- | Wordpress Download Monitor - Download Page Cross-Site Scripting | -----------------------------------------------------------------/ Summary ======= Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...
BF and XSS vulnerabilities in IFOBS
Hello 3APA3A! I want to warn you about Brute Force and Cross-Site Scripting vulnerabilities in the IFOBS system. IFOBS is an Internet banking system that is widespread and, in particular, is used by a large number of Ukrainian banks. These are the next 36 vulnerabilities in IFOBS: 2 BF and 34 XSS in...